//登录和注册
const express = require('express');
const router = express.Router();
const User = require("../../model/user");
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');
const key = require('../../config/keys');
const passport = require('passport');

//router post请求 api/user/register
router.post("/register", (req, res) => {
        // console.log(req.body)
        //查询数据库中是否拥有邮箱
        User.findOne({ email: req.body.email })
            .then((user) => {
                if (user) {
                    return res.status(400).json("邮箱已被注册");
                } else {
                    const newUser = new User({
                        name: req.body.name,
                        email: req.body.email,
                        password: req.body.password,
                        identity: req.body.identity
                    });
                    //密码加密
                    bcrypt.genSalt(10, function(err, salt) {
                        bcrypt.hash(newUser.password, salt, function(err, hash) {
                            // Store hash in your password DB.
                            if (err) throw err;
                            newUser.password = hash
                            newUser.save()
                                .then(user => res.json(user))
                                .catch(err => console.log(err))
                        });
                    });
                }
            })
    })
    //router post请求 api/user/login
    //返回token jwt password
router.post("/login", (req, res) => {
    const email = req.body.email;
    const password = req.body.password;
    User.findOne({ email })
        .then(user => {
            if (!user) {
                return res.status(404).json("用户不存在")
            }
            bcrypt.compare(password, user.password)
                .then(isMatch => {
                    if (isMatch) {
                        // jwt.sign("规则","加密名字","获取时间","过期时间","箭头函数")
                        const rule = {
                            id: user.id,
                            name: user.name,
                            identity: user.identity
                        }
                        jwt.sign(rule, key.secretOrKey, ({ expiresIn: 3600 }), (err, token) => {
                                if (err) throw err;
                                res.json({
                                    success: true,
                                    token: "Bearer " + token
                                })
                            })
                            // res.json({ msg: "success" })
                    } else {
                        return res.status(400).json("密码错误")
                    }
                })
        })
})

//用户已拿到token router get请求 api/user/current
//return current user private
router.get("/current", passport.authenticate("jwt", { session: false }), (req, res) => {
    res.json({
        id: req.user.id,
        name: req.user.name,
        email: req.user.email,
        identity: req.user.identity
    })
})
module.exports = router